Didier Stevens

Monday 9 November 2020

The Qwerty Effect And Passwords

Filed under: technology — Didier Stevens @ 0:00

I recently learned about the Qwerty effect on a podcast: baby names are more likely to contain characters (percentual) from the right hand on a Qwerty keyboard than characters from the left hand.

This got me wondering: what about passwords?

I wrote a Python program and let it run on the rockyou password list:

There is a qwerty effect in this list: 57% of the passwords have more letters from the right-side, and 43% from the left-side.

To decide if a password is “left” or “right”, I count the letters per password (I ignore all other characters), and if the ratio of “left” letters to the total amount of letters is higher than the ratio of “right” letters to the total amount of letters, then the password is “left”. And vice versa.

Remark that I don’t know if these passwords were created by users with a qwerty keyboard. It could be another layout. But for some layouts, the set of left and right letters doesn’t change, as with azerty for example.

 

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.